diff --git a/IISWithBindings/Jobs/Inventory.cs b/IISWithBindings/Jobs/Inventory.cs index e2a24ba..d3c7791 100644 --- a/IISWithBindings/Jobs/Inventory.cs +++ b/IISWithBindings/Jobs/Inventory.cs @@ -28,7 +28,7 @@ private JobResult PerformInventory(InventoryJobConfiguration config, SubmitInven _logger.LogTrace($"Begin Inventory for Cert Store {$@"\\{config.CertificateStoreDetails.ClientMachine}\{config.CertificateStoreDetails.StorePath}"}"); - WSManConnectionInfo connInfo = new WSManConnectionInfo(new Uri($"http://{config.CertificateStoreDetails.ClientMachine}:5985/wsman")); + WSManConnectionInfo connInfo = new WSManConnectionInfo(new Uri($"{storePath.WinRmProtocol}://{config.CertificateStoreDetails.ClientMachine}:{storePath.WinRmPort}/wsman")); if (storePath != null) { SecureString pw = new NetworkCredential(config.ServerUsername, config.ServerPassword) diff --git a/IISWithBindings/Jobs/Management.cs b/IISWithBindings/Jobs/Management.cs index 7be73c0..ddc5e35 100644 --- a/IISWithBindings/Jobs/Management.cs +++ b/IISWithBindings/Jobs/Management.cs @@ -69,7 +69,7 @@ private JobResult PerformRemoval(ManagementJobConfiguration config) var connInfo = new WSManConnectionInfo( - new Uri($"http://{config.CertificateStoreDetails.ClientMachine}:5985/wsman")); + new Uri($"{storePath.WinRmProtocol}://{config.CertificateStoreDetails.ClientMachine}:{storePath.WinRmPort}/wsman")); if (storePath != null) { connInfo.IncludePortInSPN = storePath.SpnPortFlag; @@ -166,7 +166,7 @@ private JobResult PerformAddition(ManagementJobConfiguration config,string thump var connInfo = new WSManConnectionInfo( - new Uri($"http://{config.CertificateStoreDetails.ClientMachine}:5985/wsman")); + new Uri($"{storePath.WinRmProtocol}://{config.CertificateStoreDetails.ClientMachine}:{storePath.WinRmPort}/wsman")); if (storePath != null) { connInfo.IncludePortInSPN = storePath.SpnPortFlag; diff --git a/IISWithBindings/StorePath.cs b/IISWithBindings/StorePath.cs index e61c391..6e4408f 100644 --- a/IISWithBindings/StorePath.cs +++ b/IISWithBindings/StorePath.cs @@ -14,6 +14,14 @@ public StorePath() [DefaultValue(false)] public bool SpnPortFlag { get; set; } + [JsonProperty("WinRm Protocol")] + [DefaultValue("http")] + public string WinRmProtocol { get; set; } + + [JsonProperty("WinRm Port")] + [DefaultValue("5985")] + public string WinRmPort { get; set; } + [JsonProperty("sniflag")] [DefaultValue(SniFlag.None)] public SniFlag SniFlag { get; set; } diff --git a/README.md b/README.md index 895a82e..59a0073 100644 --- a/README.md +++ b/README.md @@ -62,9 +62,11 @@ Job Types |Inventory, Add, and Remove are the supported job types. - **SPN With Port** – Defaults to false but some customers need for remote PowerShell Access -Parameter Name|Parameter Type|Default Value|Required +Parameter Name|Display Name|Parameter Type|Default Value|Required|Description ---|---|---|--- -spnwithport|Boolean|false|No +spnwithport|SPN With Port?|Boolean|false|No|An SPN is the name by which a client uniquely identifies an instance of a service +WinRm Protocol|WinRm Protocol|Multiple Choice|http|Yes|Protocol that WinRM Runs on +WinRm Port|WinRm Port|String|5985|Yes|Port that WinRM Runs on ![](images/screen1-b.gif) @@ -103,6 +105,7 @@ See Keyfactor InstallingKeyfactorOrchestrators.pdf Documentation. Get from your In Keyfactor Command create a new Certificate Store similar to the one below, selecting IIS With Binding as the Category and the parameters as described in "Create the New Certificate Store Type for the New IIS-With-Bindings AnyAgent". ![](images/screen2.gif) +![](images/screen2-a.gif) #### STORE CONFIGURATION CONFIG ELEMENT |DESCRIPTION @@ -110,6 +113,9 @@ CONFIG ELEMENT |DESCRIPTION Category |The type of certificate store to be configured. Select category based on the display name configured above. Container |This is a logical grouping of like stores. This configuration is optional and does not impact the functionality of the store. Client Machine |The hostname of the server to be managed. The Change Credentials option must be clicked to provide a username and password. This account will be used to manage the remote server via PowerShell. +Credentials |Local or domain admin account that has permissions to manage iis (Has to be admin) Store Path |My or WebHosting +WinRm Protocol|http or https +WinRm Port |Port to run WinRm on Default for http is 5985 Orchestrator |This is the orchestrator server registered with the appropriate capabilities to manage this certificate store type. Inventory Schedule |The interval that the system will use to report on what certificates are currently in the store. diff --git a/images/screen1-b.gif b/images/screen1-b.gif index b313b35..b1768f0 100644 Binary files a/images/screen1-b.gif and b/images/screen1-b.gif differ diff --git a/images/screen1-c.gif b/images/screen1-c.gif index 6306245..c22c84e 100644 Binary files a/images/screen1-c.gif and b/images/screen1-c.gif differ diff --git a/images/screen2-a.gif b/images/screen2-a.gif new file mode 100644 index 0000000..e70529a Binary files /dev/null and b/images/screen2-a.gif differ diff --git a/images/screen2.gif b/images/screen2.gif index 6320290..6b1796e 100644 Binary files a/images/screen2.gif and b/images/screen2.gif differ diff --git a/readme_source.md b/readme_source.md index 510cc7b..26f31d6 100644 --- a/readme_source.md +++ b/readme_source.md @@ -46,9 +46,11 @@ Job Types |Inventory, Add, and Remove are the supported job types. - **SPN With Port** – Defaults to false but some customers need for remote PowerShell Access -Parameter Name|Parameter Type|Default Value|Required +Parameter Name|Display Name|Parameter Type|Default Value|Required|Description ---|---|---|--- -spnwithport|Boolean|false|No +spnwithport|SPN With Port?|Boolean|false|No|An SPN is the name by which a client uniquely identifies an instance of a service +WinRm Protocol|WinRm Protocol|Multiple Choice|http|Yes|Protocol that WinRM Runs on +WinRm Port|WinRm Port|String|5985|Yes|Port that WinRM Runs on ![](images/screen1-b.gif) @@ -87,6 +89,7 @@ See Keyfactor InstallingKeyfactorOrchestrators.pdf Documentation. Get from your In Keyfactor Command create a new Certificate Store similar to the one below, selecting IIS With Binding as the Category and the parameters as described in "Create the New Certificate Store Type for the New IIS-With-Bindings AnyAgent". ![](images/screen2.gif) +![](images/screen2-a.gif) #### STORE CONFIGURATION CONFIG ELEMENT |DESCRIPTION @@ -94,6 +97,9 @@ CONFIG ELEMENT |DESCRIPTION Category |The type of certificate store to be configured. Select category based on the display name configured above. Container |This is a logical grouping of like stores. This configuration is optional and does not impact the functionality of the store. Client Machine |The hostname of the server to be managed. The Change Credentials option must be clicked to provide a username and password. This account will be used to manage the remote server via PowerShell. +Credentials |Local or domain admin account that has permissions to manage iis (Has to be admin) Store Path |My or WebHosting +WinRm Protocol|http or https +WinRm Port |Port to run WinRm on Default for http is 5985 Orchestrator |This is the orchestrator server registered with the appropriate capabilities to manage this certificate store type. Inventory Schedule |The interval that the system will use to report on what certificates are currently in the store.